Name: Wireshark
Rating: 4.1522 (25 reviews)

Wireshark overview

Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it it still under active development.

Wireshark has a rich feature set which includes the following:

Standard three-pane packet browser
Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer which is useful for remote capture, analysis, and scripting
The most powerful display filters in the industry
VoIP analysis
Live capture and offline analysis are supported
Read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others
Capture files compressed with gzip can be decompressed on the fly
Hundreds of protocols are supported, with more being added all the time
Coloring rules can be applied to the packet list, which eases analysis

What’s new in version 3.6.1

Updated on Dec 31 2021

The following bugs have been fixed:

Allow sub-second timestamps in hexdumps Issue 15562.
GRPC: An unnecessary empty Protobuf tree item is displayed if the GRPC message body length is 0 Issue 17675.
Can’t install "ChmodBPF.pkg" or "Add Wireshark to the system path.pkg" on M1 MacBook Air Monterey without Rosetta 2 Issue 17757.
TECMP: LIN Payload is cut off by 1 byte Issue 17760.
Wireshark crashes if a 64 bit field of type BASE_CUSTOM is applied as a column Issue 17762.
Command line option "-o console.log.level" causes wireshark and tshark to exit on start Issue 17763.
Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture Issue 17764.
Unable to build without tshark Issue 17766.

Full list of changes available here

Information

License

Free

Size

138.7 MB

Developer’s website

https://www.wireshark.org/download.html

Downloads

185039

App requirements

Intel 64
macOS 10.13.0 or later

0.0

(0 Reviews of )

There are no reviews yet

anilmushi

Apr 23 2021

3.4.5

5.0

Version: 3.4.5

The swiss army knife of packet analyzers. Incredible.

Macinman

Jul 28 2019

3.1.0

Version: 3.1.0

Hey guys, was curious if there is anyone here that uses Homebrew, I had upgraded to Wireshark 3.1.0 via the cask command in brew, then they released an update that put it back to version 3.0.3, which I had initially. I was just curious why? Thanks

nomorebugs

Jul 25 2018

2.6.2

Version: 2.6.2

greatest packet analysis tool ever

Virtualruffy

Jul 21 2017

2.4.0

Version: 2.4.0

Link is wrong, goes to old version. correct 2.4 version https://2.na.dl.wireshark.org/osx/Wireshark%202.4.0%20Intel%2064.dmg

iGaucho

Nov 21 2015

2.0.0

Version: 2.0.0

Finally it has a native UI and doesn't require X11/XQuartz!

hwgray

Oct 29 2015

1.12.8

Version: 1.12.8

Wireshark.org suggests that users of OS X try v2.0.0rc1, first. If it doesn't work for you, then try this version.

WordWeaver

Mar 17 2015

1.12.4

Version: 1.12.4

This may possibly be of help to other new WireShark users who are having trouble getting WireShark to launch in Yosemite. Some of this has been shared before, but there is a little added twist at the end which worked for me. I made repeated attempts to use both WireShark 1.12.4 and 1.99.3, but without success. Regardless of which version I used, WireShark keep freezing up during the initialization process. In the initialization window, WireShark would get as far as "Loading module preferences", or about three quarters of the way done, and in the bottom of the window it would say "Please wait while Wireshark is initializing..."; and then freeze-up. So I conducted some quick research on the web and discovered that I had to enter "sudo ln -s /opt/X11 /usr/X11" in the Terminal in order to restore a link an X11 link that Yosemite breaks. However, even that did not help. Next, I reinstalled XQuartz 2.7.7. Again, that didn't help either. Then I came across an online comment where someone stated that they typed "sudo wireshark" in the Terminal. Guess what? I don't know why, but it worked. The Terminal spit out the following, and then WireShark launched on my desktop: void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting 22:01:58 Dbg plugin_dir: /Applications/Wireshark.app/Contents/PlugIns/wireshark Now I can click WireShark's icon in the Dock, and it appears to be working fine.

Chocky

Feb 14 2015

1.12.3

Version: 1.12.3

Wireshark on Yosemite To get Wireshark working on Yosemite you will need to install X11 which may be found at: http://xquartz.macosforge.org/landing/ and then make the following link: $ sudo ln -s /opt/X11 /usr/X11

Jpinoniemi

Jan 8 2015

1.12.1

Version: 1.12.1

Wireshark 1.12.3 was released on 1-7-15

Holgorio

Sep 17 2014

1.12.0

4.0

Version: 1.12.0

Wireshark 1.12.1 is available fixing several security issues with DoS vulnerabilities in some of their parsers or dissectors. Enjoy.

David-Morrison

Apr 1 2013

1.8.6

Version: 1.8.6

Just for the record, when you start WireShark (1.9.2) in Mountain Lion, it offers to install an X11 system. If you say yes, it takes you to an Apple Support page which contains a link to the XQuartz project. You have to download and install it. Note that it gets installed in the Utilities folder inside the Applications folder. When you start WireShark, it asks you to find X11. Navigate to Utilities folder and select XQuartz. WireShark now freezes for a couple of minutes while it builds font caches - DON'T PANIC! Then the window appears.

Nicolasd

Jun 17 2012

1.6.7

Version: 1.6.7

Beware. Apple is REMOVING X11 in Mac OS X 10.8 Mountain Lion. Not an optional install. It's *GONE*! In a few months, Wireshark will be unusable on up-to-date Macs.

anonymous-dingo-5566

May 31 2012

I just downloaded it for a networking class. On their site the version is 1.6.8, here it's 1.6.7. Please update as I depend on Macupdate for the most recent versions. Thanks

Anon42

Mar 29 2012

1.6.6

0.5

Version: 1.6.6

No longer supports 10.6.5 :-(

frequencydip

Nov 5 2011

1.6.3

4.5

Version: 1.6.3

This program has been very useful in troubleshooting tracking and analytics. Using the GA debugger only helps for chrome, using this we can see the call any browser makes or even a connected iPad or iPhone!

JohnKHeath

Oct 22 2011

1.6.2

Version: 1.6.2

After trying for a hundred times, I still have problems installing this program. Any workaround for Lion, or is it not supported?

Oct 5 2011

I used to run WireShark in windows, now this version has even better functionalities in Mac. Works great, I like it.

angelowales79

Sep 30 2011

Gotta love wireshark

anonymous-aardvark-5710

Jun 8 2011